PCI Compliance doesn't like the Desktop Services Store

Josh Sherman
1 min read
Servers Web Servers

The Desktop Services Store (DS_Store) as you probably already know, is a file that stores some metadata about the files in a directory in the OS X. I’ve taken a look at them, they seem pretty harmless, but in the realm of PCI Compliance they are a medium risk because they can reveal the directory structure (which could very well be innocuous depending on the site). Like most of the PCI Compliancy challenges I’ve faced, it’s a pretty simple fix:


<Files "^\.">
    Order deny,allow
    Deny from all


location ~ /\.
    deny all;

Note, the above examples will deny access to all hidden files (.htaccess, .DS_Store, et cetera)

Join the Conversation

Good stuff? Want more?

Weekly emails about technology, development, and sometimes sauerkraut.

100% Fresh, Grade A Content, Never Spam.

Related Articles